<?php 
/**
 * @version        $Id: admin_admin_ok.php 2014年8月20日Z yeshili $
 * @package        YeshiliCMS.Admin
 * @copyright      Copyright (c) 2014 - 2050, YeshiliCMS, Inc.
 * @license        http://help.****.com/YeshiliCMS/help.html
 * @link           http://www.****.com
 */
include '../inc/config.php';
require 'admin_session.php'; 
get_rank($_SESSION['id']);
$act = getvar('act');
$id = getvar('id');
$username = getvar("username");
$password = getvar("password");
$name = getvar("name");
$tel = getvar("tel");
$qq = getvar("qq");
$weixin = getvar("weixin");
$content = getvar("content");
$addtime = date("Y-m-d H:i:s");
$rankadmin = getvar("rankadmin");

//添加数据
if ($act=='add') {
	if(check_username($username)){
		exit("<script>alert('用户 ".$username." 已经存在!');window.history.go(-1)</script>");
	}
	$record = array(
		'username'		=>$username,
		'password'		=>md5($password),
		'name'		    =>$name,
		'tel'		    =>$tel,
		'qq'		    =>$qq,
		'weixin'	    =>$weixin,
		'content'		=>$content,
		'addtime'		=>$addtime,
		'rankadmin'     =>$rankadmin
	);
	$db->insert($GLOBALS[dbprefix].'admin',$record);
	get_record('【管理员】'.$username,'add');
	echo "<script>alert('添加成功!');window.location='admin_admin.php';</script>";
}
//修改
if ($act=='mod'){
	$pass = getvar("pass");
	$row =  $db->getonerow(get_sql("select password from {pre}admin where id=".$id));
	if($row['password']==md5($pass)){
	 if($password==$row['password']){$password=$row['password'];}else{$password=md5($password);}
	 $record = array(
		'password'		=>$password,
		'name'		    =>$name,
		'tel'		    =>$tel,
		'qq'		    =>$qq,
		'weixin'		=>$weixin,
		'content'		=>$content,
		'rankadmin'     =>$rankadmin
	 );
	 $db->update($GLOBALS[dbprefix].'admin',$record,'id='.$id);
	 get_record('【管理员】'.$username,'mod');
	 echo "<script>alert('修改成功!');window.location='admin_admin.php';</script>";}
	else{
	 echo "<script>alert('输入的原始密码不对，请重新输入!');history.go(-1);</script>";	
	}
}

//删除
if ($act=='del') {
	get_record('【管理员】'.get_field('admin','username','id',$id),'del');
	$db->delete($GLOBALS[dbprefix].'admin',"id=".$id);
	echo "<script>alert('删除成功!');history.go(-1);</script>";
}

function check_username($username){
	global $db;
	return $db->getRowsNum(get_sql("select id,username from {pre}admin where username='".$username."'"));
}

?>
